man in the middle?

Robert Hogan robert at roberthogan.net
Sun Dec 24 10:46:23 UTC 2006


Got this when testing an ssh connection:

WARNING: DSA key found for host shell.sf.net
in /home/robert/.ssh/known_hosts:8
DSA key fingerprint 4c:68:03:d4:5c:58:a6:1d:9d:17:13:24:14:48:ba:99.
The authenticity of host 'shell.sf.net (66.35.250.208)' can't be established
but keys of different type are already known for this host.
RSA key fingerprint is cf:9b:db:c4:53:c3:f0:0d:e8:c4:15:33:61:71:01:ca.
Are you sure you want to continue connecting (yes/no)? no


Tor first attempted to attach a circuit with toxischnet as it's exit. This 
didn't work, so it then used tormentor. I then got the above.

I subsequently used both toxischnet and tormentor to connect without any key 
authentication issues. The RSA fingerpint is not listed by sourceforge. 

http://sourceforge.net/docs/G04/en/#fingerprintlist

Malice? Misconfiguration of some sort? Anyone care to test either of these 
exits?

-- 

KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net
TorK   - A Tor Controller For KDE      - http://tork.sf.net



More information about the tor-talk mailing list